From 80b307740d12a3270236afaa5167efc61dbb64c9 Mon Sep 17 00:00:00 2001
From: Jeff Moe <moe@forksand.com>
Date: Wed, 4 Jul 2018 12:42:21 -0600
Subject: [PATCH] DNS records for mx1 notes

---
 source/resources/apps/email-ansible/TODO | 25 ++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/source/resources/apps/email-ansible/TODO b/source/resources/apps/email-ansible/TODO
index 61e7e7b..b805555 100644
--- a/source/resources/apps/email-ansible/TODO
+++ b/source/resources/apps/email-ansible/TODO
@@ -7,3 +7,28 @@ chown -R mailarchive:mailarchive /home/mailarchive/Maildir
 
 # DMARC
 Instead of "p=reject", set to "p=none" until confirmed working.
+
+# DKIM
+Jul  4 12:38:50 mx1 opendkim[23469]: can't load key from /etc/opendkim/forksand.com.dkim.private: Permission denied
+
+XXX
+
+chown opendkim /etc/opendkim/forksand.com.dkim.private
+service opendkim restart
+
+# Set up DNS records:
+
+TXT     @       "v=spf1 include:_spf.protonmail.ch mx ip4:174.128.244.233 ip4:174.128.244.234 -all"
+
+TXT     _dmarc  "v=DMARC1; p=none; rua=mailto:postmaster@forksand.com""
+
+TXT     forksand.com.dkim._domainkey    ( "v=DKIM1; h=sha256; k=rsa; "
+          "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7CTEIuPHdWaCZbNBPxlw2LEU3trXqrYEpX/LjJhlRujvDpaz3C5/ItFcbMUWkrg6oXq4s2yS2moRRqAbloHGD1nrnucb2pKX2A3o8IlGKMG1cPdtGvb6vXpE7Yyq2wFkwIk2mMw5SmGOZ2KSju9R2VQ+i5X5HunGrfATYX/StABM1fAigNiltOKXntm/F7OVyPBu2c/mGk86e"
+          "s99FNUdLNR6oPt5OFWXjUP3j/3HcDLDSd9yoKLhLRjOJpBugqAFx0B3g+X6ev4xHEe6B76o57RqK2eEe2vZJay/Me1Z/UHTvgohHuO/aYcJCXxDOxx/D07mztH2maKlE678OgKFwIDAQAB" )  
+
+TXT     protonmail._domainkey   "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpLi9apcLrxwSXGFFD0n/pgc5iOwfCsTELz+JICz+j2iAwuExU3uvz6P83FTHaJSemT3YGPxbW3li6AJHYUjttagJom3CffpDcT0fGfhZ/zwIt+aTIfUYWJxt1wf6kAUdHVYtopKObx0fdy16IVUIToc/4D5QaT8vARrEr+P/ARwIDAQAB"
+
+MX      @       900     10      mx1.forksand.com.
+
+MX      @       900     50      mail.protonmail.ch.
+